MAC based NAT

Hi all,

I have a linux machine running ubuntu server with 2NICS (WAN and LAN). I want the LAN side machines to use the linux box as a gateway to get on the internet (WAN side). The only problem is that the LAN side machines will have static IP's and cannot be configured for DHCP. I have to work arround the settings they have. I have written a small program which runs on the server, listens to ARP requests and gets all client trafic and NATs them to the WAN side. The clients now can ping google irrespective of their static IP addresses.

My code does NAT, based on MAC addresses i.e. A client packet from XX:YY will be sent out using 10.0.0.1. as source address. Another client with ZZ:ZZ will have packets with source address 10.0.0.2 on the WAN side interface.

My problem is that i am having trouble getting TCP/HTTP to work through my NAT. The GET request does not get a reply from the WAN side :( so i am stuck and thinking of alternatives!

Question time:
1. can this be done using netfilter and IP tables? instead of writhing my own NAT code.
2. are there any open source user space NAT programs that i could take and modify?
3. Can i modify the current netfilter code? will this be a huge task?

My tools: libpcap, gcc, wireshark, ubuntu server 10.10

I am new to linux network programming, any sujesions would be appreciated.

Thanks,

Mal

Why doesn't DHCP work for you? That would lever the MAC/IP resolution and would allow you to forget layer 1. Basically your software would implement features that firewalls (like iptables) already handle nicely. My opinion is that one should never ever merge layer 1 (physical) and layer 2 (addressing). There are several reasons why they were split and several problems for whoever messes up with this (i.e. how would you handle if the network infrastructure changes from ethernet to fibre optic for one host as that one needs a huge throughput?).